
Running a console server is required if you have more than a few devices in your lab. Getting everyone to log out in a shared lab environment is a losing battle. Heck, I can’t even do that in my own lab. It can be quite painful to have to keep clearing TTY lines.

Have no fear! EEM to the rescue. The following script is written for manual execution but can, of course, be adapted to be run on a schedule. Watchdog timer is probably easiest but EEM supports CRON too.

One word of caution: you may need to get more recent code to support the full EEM functionality. I am using a 2651XM router and needed to upgrade to 12.4 Enterprise Base from like 12.2 code. This box does not have the flash or DRAM to run Advanced Enterprise Services. (And why would I? It’s a console server!)

I was working on a lab scenario and got to thinking (yes, dangerous in itself) about what would happen if well-known BGP communities with contradictory rules are appended to the same prefix. Which would take precedence? As a review, the four* well-known BGP communities are as follows:

Internet – Advertise anywhere.
No-Export – Do not send to adjacent AS.
No-Advertise – Do not send to any peer.
Local-AS – Do not send outside local AS; Only used in Confederation scenarios.

So what if a prefix contains both the Internet and No-Export communities? This would obviously be a misconfiguration but I wanted to see how it would be interpreted by the BGP table on the local router.

Conclusion: when multiple well known communities are used, BGP picks the most restrictive community as the tie breaker. Interestingly RFC 1997 does not specify what should be done in the case where a prefix belongs to multiple communities that have contradictory handling. I assume this behavior is Cisco proprietary.

To the great surprise of many in the industry, Cisco announced Tuesday their intent to acquire Cracker Barrel Old Country Store, Inc. (known less formally as “Cracker Barrel”) for $410 Million USD cash. The Lebanon, Tennessee based company began business in 1969 and operates over 600 stores nationally. Their operating income for 2012 was $190 million USD. This purchase clearly shows that Cisco has thrown down the gauntlet and is ready to add Dinner-as-a-Service (DaaS) to their portfolio.

While discussing the purchase on a conference call early Tuesday morning Cisco CEO John Chambers explained the rationale and timing for such a purchase. “We believe this move is right for Cisco. The Dinner As a Service market is one of the oldest industries and we want to be leaders in the space by innovating. Anybody can do SDN. Not everybody can do SDN and pancakes. We feel this will complement our entire product line.”

News of the purchase was met with mixed feelings on Wall Street. Analysts are concerned that Cisco is biting off more than it can chew. “There are many DaaS players out there already and Cisco is a little late to the game,” says Avril Phul a senior director with Four One Capital Consulting. “Basically you have a slow growth industry and a customer base that does not have much tolerance for change. You can’t go in and change up a bunch of things on the menu and expect people to keep coming. For Cisco to do this right, and I believe they can, they need to understand what not to do.”

Chambers went on to explain that they plan to integrate marketing pieces with Cracker Barrel’s existing branding. For example, placing vintage routing equipment on the wall with their existing antique collection.

I have a 2811 router here in my office that I was practicing some OSPF and ZFW commands on. I got to thinking: imagine if you were stuck on a desert island and only had one router with a single crossover cable. Could you use this to study for a CCNA or CCNP? (I know what you are thinking: if one were stuck on a remote island, why would you care about certification?)

Well here is what I am thinking:

* Single crossover cable from Fa0/0 to Fa0/1 so the router is self-loopbacked.
* Create sub-interfaces and place them in a unique VLAN per-router pair.
* Create VRFs and place each “router” in its own VRF. (aka VRF-lite)

Once the logical addressing is complete, theoretically any VRF-aware routing protocol could be used to string it all together and give it the appearance of a large (lab wise) topology.

For example here is the physical topology:

And here would be the logical topology:

Each VRF pair is placed on the same VLAN to emulate the logical topology. Here is a sample of what the R1 – R2 link would look like:

After about 30 minutes of config & whiteboard it turns out this works exactly as expected. When common tools such as traceroute are used it looks like a network with 8 “routers”:

I used EIGRP but theoretically OSPF, RIPv2 or IS-IS could be used. The drawback with OSPF is that it is not VRF-aware so you would need to use a separate process ID which, I imagine, could get clunky on a low-end router.

File this under huge pitfall. Every now and then I run into this and get a good laugh at myself for committing this error. Take note of the following route-map:
!
route-map EIGRP2OSPF permit 10
 match ip address NET-112.12.25.0/24
 set metric 95
 set metric-type type-1
!
route-map EIGRP2OSPF permit 20
 match ip address NET-ANY
 set metric 90
 set metric-type type-2
!
! The route-map is called in the redistribution:
router ospf 1
 redistribute eigrp 100 subnets route-map EIGRP2OSPF
!

Simple, right? In case you did not notice, there is a critical flaw here, and it is an easy one to make, especially if you don’t work with route-maps every day.

The problem is here:
match ip address NET-ANY

This is actually the incorrect syntax to call a prefix-list; instead, it is calling an ACL named “NET-ANY.” The net result is that nothing will actually be matched (or worse, it matches the wrong network, assuming you have an ACL named “NET-ANY”). It would really stink to make this mistake in the CCIE lab. To paraphrase Anthony Sequeira, the CCIE lab is a horrible place to learn something.
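A small configuration audit for this pitfall, added here as an example and not part of the original post: it flags `match ip address NAME` clauses whose name exists only as a prefix-list (the `prefix-list` keyword is missing) or is not defined at all. The function name `audit_route_maps`, the object definitions, and the `FIXED` and `TYPO` route-maps are constructed for illustration; the sample assumes the /24 name is a named ACL and NET-ANY is a prefix-list.

```python
# Constructed sample: the route-map names from the post plus assumed definitions.
# Assumption: the /24 name is a named ACL and NET-ANY is a prefix-list.
SAMPLE_CONFIG = """\
ip access-list standard NET-112.12.25.0/24
 permit 112.12.25.0 0.0.0.255
ip prefix-list NET-ANY seq 5 permit 0.0.0.0/0 le 32
!
route-map EIGRP2OSPF permit 10
 match ip address NET-112.12.25.0/24
!
route-map EIGRP2OSPF permit 20
 match ip address NET-ANY
!
route-map FIXED permit 10
 match ip address prefix-list NET-ANY
!
route-map TYPO permit 10
 match ip address NET-ANNY
"""

def audit_route_maps(config):
    """Return (route-map entry, name, problem) for suspicious ACL references."""
    prefix_lists, acls, findings = set(), set(), []
    lines = [line.split() for line in config.splitlines()]
    # Pass 1: collect the names that are actually defined, by object type.
    for w in lines:
        if w[:2] == ["ip", "prefix-list"] and len(w) > 2:
            prefix_lists.add(w[2])
        elif w[:2] == ["ip", "access-list"] and len(w) > 3:
            acls.add(w[3])          # ip access-list standard|extended NAME
        elif w[:1] == ["access-list"] and len(w) > 1:
            acls.add(w[1])          # numbered ACL
    # Pass 2: without the 'prefix-list' keyword, each name is looked up as an ACL.
    entry = None
    for w in lines:
        if w[:1] == ["route-map"] and len(w) > 1:
            entry = " ".join(w[1:])
        elif w[:3] == ["match", "ip", "address"] and entry and w[3:4] != ["prefix-list"]:
            for name in w[3:]:
                # A name defined as both object types resolves to the ACL: no finding.
                if name in prefix_lists and name not in acls:
                    findings.append((entry, name, "prefix-list called as ACL"))
                elif name not in acls:
                    findings.append((entry, name, "undefined ACL"))
    return findings

if __name__ == "__main__":
    for entry, name, problem in audit_route_maps(SAMPLE_CONFIG):
        print(f"route-map {entry}: {name}: {problem}")
```

On the constructed sample, only sequence 20 of EIGRP2OSPF and the `TYPO` entry are reported; the `FIXED` entry shows the form that references a prefix-list, `match ip address prefix-list NET-ANY`.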

In the Future of Networking with Fred Baker, Fred mentioned an interesting IPv6 deployment scenario: give a /64 prefix to every server to support container deployment, and run routing protocols between servers and ToR switches to advertise the /64 prefix to the data center fabric, preferably using link-local addresses. Let’s recap: